Privacy Policy

ScanMonk (“we,” “us,” or “our”) operates DOPE, a Customer Intelligence Dashboard that helps brands collect, analyse, and act on customer feedback. This Privacy Policy explains how data is collected, stored, used, and protected across the DOPE platform, for both the brands (“Clients”) who subscribe to DOPE and the end customers (“Respondents”) whose feedback is collected through it.

We have written this policy to be direct. No legal fog. If something matters to you, it's in here.

From Brands (Clients):

• Business name, contact details, and authorised user information
• Subscription and billing information
• Configuration preferences (feedback categories, review parameters, dashboard settings)
• Integration credentials for communication channels (where applicable)

From End Customers (Respondents), on behalf of Brands:

• Contact information provided by the Brand (name, phone number, email address)
• Feedback responses submitted via Call, WhatsApp, or Email
• Experience ratings across categories such as quality, delivery, packaging, and service
• Open-text responses analysed for sentiment, keywords, and patterns

All customer data collected through the DOPE platform belongs entirely to the Brand.

This is not a technicality: it is the foundation of how DOPE is built.

• The Brand owns all raw feedback, customer contact information, response data, and any derived reports generated within their account.
• ScanMonk does not claim ownership over any Brand's customer data.
• Data is stored in isolated, Brand-specific environments. No other Brand can access your data.
• Upon termination of your subscription, your data can be exported in full. Retained copies on our servers are deleted within 60 days of a written deletion request, except where retention is required by law.

ScanMonk accesses Brand data only to the extent necessary to:

• Operate, maintain, and improve the DOPE platform
• Provide analysis, dashboards, alerts, and reports within your account
• Diagnose technical issues and ensure service reliability
• Comply with legal obligations

ScanMonk employees do not read individual customer feedback responses unless explicitly invited by the Brand for support purposes, and only with the Brand's express consent.

ScanMonk does not sell your data. Ever.

To improve DOPE's analytical models and deliver better intelligence to all Clients, ScanMonk may process anonymised, aggregated, and fully de-identified data signals, such as broad sentiment trends, category-level patterns, and system performance metrics, to generate internal benchmarking and market research. This data cannot be traced back to any individual Brand, customer, or response. No identifiable information leaves your account environment in this process.

We take security seriously because your customers' trust, and yours, depends on it.

• All data is encrypted in transit (TLS 1.2 or higher) and at rest (AES-256).
• Access to Brand data within ScanMonk is role-restricted and logged.
• We conduct regular security reviews and vulnerability assessments.
• DOPE's infrastructure is hosted on enterprise-grade cloud providers with SOC 2-compliant environments.

In the event of a data breach that affects your account, we will notify you within 72 hours of confirmed discovery.

DOPE collects feedback from your customers on your behalf. As a Brand, you are responsible for ensuring your customers are informed that their feedback is being collected and for maintaining appropriate consent records.

ScanMonk supports Respondent rights requests (access, correction, deletion) routed through the Brand. If a Respondent contacts us directly, we will direct them to the relevant Brand unless legally required to respond otherwise.

DOPE may connect with third-party services (communication platforms, cloud storage providers, etc.) to deliver its functionality. These integrations are listed in your account settings. We only share the minimum data required for these services to function and require all third-party providers to maintain data protection standards consistent with this policy.

• Active account data is retained for the duration of your subscription.
• Post-cancellation, data is accessible for 30 days before archival.
• Full deletion is completed within 60 days upon written request.
• Anonymised, aggregated analytics may be retained indefinitely as they contain no identifiable information.

We will notify active Clients via email and in-dashboard notice at least 14 days before any material change to this Privacy Policy takes effect. Continued use of DOPE after that date constitutes acceptance of the updated terms.

For privacy-related questions, data requests, or concerns:

• Email: [email protected]
• Company: ScanMonk, India